Blog Posts Tagged with "malware"

A site popped up with the domain name exposed.su and within the pages (other than malware lurking for an IE exploit) sits all kinds of personal financial data for famous people. Among the people hit on this site were the likes of Hillary Clinton, Al Gore, FBI Director Mueller and others.

China may be the source for a lot of international cyber attacks and malware, but they get hit by it too. 620,000 Android phones in China were infected with a nasty virus that collects personal information and begins to send costly text messages to benefit the malware maker...

German political platform NetzPolitik.org has now uncovered secret documents belonging to the Ministry of Finance, that the Ministry of the Interior sent to the Bundestag (the political seat of Germany) that reveals the German Federal Police’s intention to use Gamma Group’s Finfisher spyware...

The report revealed the surprising efficiency of well-known vulnerabilities usually included in the popular exploits sold in the underground, around 60% are more than two years old, and 70% of the exploit kits analyzed (26) were released or created in Russia...

The book is not meant as an introductory text, rather as a reference for experienced professionals. For such a reader, they will likely find the Malware Forensics Field Guide for Windows Systems to be an invaluable reference...

The first version of the malware demonstrated an improved methodology for injecting code into browsers to remotely control the victim's device and an improved evasion technique to prevent detection by common antivirus software...

Kaspersky made an astonishing announcement today with its discovery of a sophisticated cyber espionage network (most likely Russian) that has been operating since May 2007 and continues to this day. It has successfully infiltrated embassies, research organizations, military and government agencies, energy facilities (including nuclear power plants) predominantly in the Commonwealth of Independent ...

Now, admittedly you already probably know I'm not a huge proponent of "bug bounty" programs, as I see the abuses and failure potential outweigh the redemption value in the cases I've seen outside of the few 'big names'... but this caught my attention because they may actually be onto something.

Most malware writers just want to be paid for their research; something that isn't happening frequently enough or at a rate that's considered fair by the researchers. As a result, some of those researchers are exploring grey markets in offensive malware development or are selling 0-days to clients...

Analysis revealed that the malicious code has a simple and efficient design that allows it to wipe files on different drives in various predefined times. The malware wipes disk partitions and user profile directories avoiding ordinary anti-virus software detection...

The amount and variety of malicious programs out there is enough to make your head spin. This blog post will break down the common types of malicious programs and provide a brief description of each...

Some of the more forward-looking DOD contractors who have robust internal CERT with engineers who do reverse-engineering could be in the best position to offer free or low-cost network defense to corporations who want to "flip" the malware found on their network for a nice profit...